Softcat Limited

Ivanti Cloud (Service Management, IT Asset Management, Endpoint & Security) Software

Built from a single platform, Ivanti Service Manager and Ivanti Asset Manager offer a robust, highly flexible IT and Enterprise Service and Asset Management application.   Helping organisations achieve the highest level of service quality, delivery and performance whilst managing assets throughout their lifespan from procurement, discovery to secure disposal.

Features

  • ITIL Service Management Solution - 13 ITIL processes
  • Market leading Service Catalogue and role-driven Self Service
  • Over 80 prebuilt service templates for IT, Facilities and HR.
  • Request, Incident, Problem, Change Management processes and more!
  • Project Portfolio Management (PPM)
  • IP Telephony/Voice Integration
  • IT Asset Management & Configuration Management (CMDB)
  • Full Asset and Configuration Lifecycle Management
  • Asset Request, Procurement, Identification, Contracts, Vendor and Bar Code Tracking
  • Intuitive Dashboards, Xtraction Reporting  and Notifications for business insights

Benefits

  • High availability integrated SaaS Based Service & Asset management solution
  • ITIL based Service Catalogue
  • Provides end-user portal for self service request management
  • Enterprise Service Management solution beyond IT for HR, Facilities etc.
  • Robust automation and integration with business applications
  • Integration with IT Operations toolsets to enable Unified IT
  • Know your Assets, where they are and their full Costs
  • Ability to proactively forecast and plan for future IT needs
  • Integral reporting to improve efficiency and desision-making
  • Codeless design facilitates fast time to value

Pricing

£231.88 per licence per year

Service documents

Framework

G-Cloud 11

Service ID

4 1 9 8 6 3 8 7 5 9 1 9 0 8 9

Contact

Softcat Limited

Charles Harrison

01612725766

psitq@softcat.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
"Ivanti Secure Configuration Management (Patching) (formerly Shavlik & Lumension)
Ivanti Environment Manager (profile management) (formely Appsense)
Ivanti File Director (data management) (formely Appsense)
Ivanti Unified Endpoint Management (LANDESK Management Suite)
Ivanti Application Control (application whitelisting and privilege management) (formely Appsense)
Ivanti Identity Management (joiners, movers & leavers)
And more
Cloud deployment model
Public cloud
Service constraints
"Upgrades are performed automatically by Ivanti Software where you will have access to upgraded functionality. Upgrades as part of the new version will not affect any configuration changes done within your environment and you will have the option of turning on or keeping the product enhancement features off as part of the new release.
Versions are in-line with Year and bi-annual upgrades, one in the spring and the latter in Autumn time period. Communication is issued well in advance by email and issued on user login to the Ivanti platform of any major release as part of the standard agreement."
System requirements
  • Ivanti Asset Manager is delivered over the internet
  • Ivanti Service Manager and Ivanti Asset Manager are browser based
  • Ivanti Service Manager is delivered over the internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
Please refer to our online support terms for a current view (Clause V) - https://www.ivanti.co.uk/company/legal/support-terms
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
"Please refer to our online support terms for a current view (Clause V) -  https://www.ivanti.co.uk/company/legal/support-terms
As standard, all our license subscription include support, with three levels of support available; standard, enhanced and premium. Clause II of the online terms (link above) provides full details.
All levels include access to the Cloud Care Team, which includes a team of technical engineers, online assistance, and phone help. Other support functions include:
Ivanti Community - Troubleshoot, search knowledge base articles, access white papers, and join our discussion forums.
Product Advice - The Advice Center provides a centralized search through knowledge base articles, forums, and product documentation. Manuals, installation guides, and support documents can be found on all Ivanti solutions.
Ivanti products are constantly updated to meet the needs of rapidly changing IT environments. As new products are released, previous versions are supported and maintained for a certain amount of time, then retired. Product support for older Ivanti products continues according to the schedule found here http://www.landesk.com/support/product-end-of-life/
Finally, a Technical Resource Manager (TRM) service is also available as an option with the terms again available online via the link at the top of this section.Many of the principles of WCAG are supported."
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The Ivanti Global Training Academy subscription is the most common approach to training, although classroom and onsite training is also available. The Academy marries training content and services to provide a more effective and engaging learning experience.
Live Online Training = Short (30- to 120-minute) courses taught by one of our certified instructors via WebEx Training Centre. They’re scheduled repeatedly throughout the week so you can fit the ones you’d like to attend into your schedule.
eLearning Modules = Short, concise, and interactive computer-based training modules. They focus on the content necessary to achieve a specific set of learning objectives.
Informational Videos = View commentary or watch a feature demo from within an eLearning Module.
Reference Materials = Further explore the topic at hand via a convenient link.
Downloadable Content = Student guides and lab guides for each of the Live Online Training courses, quick reference guides, course brochures, and more.
Please access the Ivanti Global Academy to see full list of courses  https://globalacademy.ivanti.com/store
Note - User documentation is also available via online Help
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At the end of the contract the customer is given an extract of the SQL database containing their data. Once the customer has confirmed receipt of data and successful restore then all data is removed from our system.
End-of-contract process
An extract of the database is provided to the customer.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
No functional differences, apart from mobile interfaces can be configured suitably for tablet and smartphone interfaces.
Service interface
Yes
Description of service interface
End User Self Service is available upon desktop and mobile interfaces.  Mobile Self Service is available over dedicated apps for iOS and Android and browser based apps for all other devices. Desktop Service access is available for analysts and managers through browser only platforms.
Accessibility standards
None or don’t know
Description of accessibility
"Ivanti has developed the solution to work on industry standard Browser Clients, with the features accessible using standard keyboard and screen readers.
As the solution is available fully within a browser, zoom in/out is supported with all text labels and content converting consistently from text to speech. Web pages are also accessible using keyboard navigation, without the need for a mouse.
Contrasting colours are supported throughout and these can be altered for all or purposely for visually impaired personnel.
The layout of forms within the system can also be adjusted."
Accessibility testing
Independent accessibility tools have been used internally among the Ivanti engineering team as part of the accessibility testing of the solution.  As it resides fully within the browser page, Zoom in/out is supported and all text labels and content convert consistently from text to speech.  Contrasting colours are supported throughout and these can be altered for all or purposely for visually impaired personnel.  Low alternate Flash indication can draw attention. As you type suggested content is provide to the user on search fields and extensive use of validated fields are utilised.
API
Yes
What users can and can't do using the API
The Service Manager API can be adopted to CREATE/UPDATE and DELETE tickets (Incidents/Requests/Problem etc.). Actions can also be called to automate activity/instruction such as issuing emails or updates. The API can obtain information out of Service Manager into third party solutions such as to feed web sites of User/Ticket History/Asset details.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Ivanti Service Manager and Ivanti Asset Manager provide a codeless development platform. New Business Objects(Tables), Forms, Fields, Reports and automated actions can be configured. All configurations are supported. Configurations can be recorded onto packages and exported/Imported from Development to Test to Production environments to mitigate risk of manual development steps. Service Manager utilises a Role based access model. Templates, Quick actions(automations) and dashboard development can be carried out by "Super users" whilst Administrators are able to reconfigure business objects and/or create new objects.

Scaling

Independence of resources
The Multi-tenant solution is scaled based on the workflow subjected by each tenant, SQL DB's are unique to each client and not shared. Services are established to automatically deploy additional Virtual Servers in the event of an increase of requirements.

Analytics

Service usage metrics
Yes
Metrics types
"Availability Statistics, i.e. % availability per month.
Provision of planned maintenance downtime.
Provision of software upgrade and update schedules."
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Ivanti

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users export their data using built in data export quick links or wizards.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • WORD
  • EXCEL
  • TXT
  • HTM
  • PNG
Data import formats
  • CSV
  • Other
Other data import formats
  • Excel
  • Xml

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Please refer to section 4.1 of the Ivanti Software as a Service terms and conditions found here; https://www.ivanti.com/company/legal/saas
Approach to resilience
Amazon Web Services (AWS) provide customers the flexibility to place instances and store data within multiple geographic regions as well as across multiple Availability Zones within each region. Each Availability Zone is designed as an independent failure zone. In case of failure, automated processes move customer data traffic away from the affected area. AWS SOC 1 Type II report provides further details. ISO 27001 standard Annex A, domain 11. 2 provides additional details. AWS has been validated and certified by an independent auditor to confirm alignment with ISO 27001 certification.
Outage reporting
AWS does not require systems to be brought offline to perform regular maintenance and system patching. AWS's own maintenance and system patching generally do not impact customers.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access is restricted by Roles and Groups within the solution to ensure only those authorised can access the system via management interfaces and support channels
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
05/06/2018;
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
11/11/2016
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
N/A
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire Systems Inc
PCI DSS accreditation date
July 2016
What the PCI DSS doesn’t cover
Amazon Web Services (AWS) is a Cloud Service Provider (CSP) that does not directly store, transmit or process any customer cardholder data (CHD). However, AWS customers may create their own card data environment (CDE) that can store, transmit or process cardholder data using AWS products.
Other security certifications
Yes
Any other security certifications
  • AWS PCI DSS 3.2 Attestation of Compliance (AOC)
  • AWS 2016 PCI DSS 3.2 Responsibility Summary

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Control Objectives for Information and related Technology (COBIT) framework and have effectively integrated the ISO 27001 certifiable framework based on ISO 27002 controls, American Institute of Certified Public Accountants (AICPA) Trust Services Principles, the PCI DSS v2.0, and the National Institute of Standards and Technology (NIST) Publication 800-53 Rev 3 (Recommended Security Controls for Federal Information Systems).

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
In alignment with ISO 27001 standards, Amazon Web Services (AWS) hardware assets are assigned an owner, tracked and monitored by the AWS personnel with AWS proprietary inventory management tools. AWS procurement and supply chain team maintain relationships with all AWS suppliers. Refer to ISO 27001 standards; Annex A, domain 7.1 for additional details. AWS has been validated and certified by an independent auditor to confirm alignment with ISO 27001 certification standard.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Amazon Web Services (AWS) patch systems supporting the delivery of service to customers, such as the hypervisor and networking services. This is done as required per AWS policy and in accordance with ISO 27001, NIST, and PCI requirements. AWS Security regularly scans all Internet facing service endpoint IP addresses for vulnerabilities (these scans do not include customer instances). AWS Security notifies the appropriate parties to remediate any identified vulnerabilities. In addition, external vulnerability threat assessments are performed regularly by independent security firms. Findings and recommendations resulting from these assessments are categorized and delivered to AWS leadership.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Amazon Web Services (AWS) program, processes and procedures to managing antivirus / malicious software is in alignment with ISO 27001 standards. Refer to AWS SOC 1 Type II report provides further details. In addition, refer to ISO 27001 standard, Annex A, domain 10.4 for additional details. AWS has been validated and certified by an independent auditor to confirm alignment with ISO 27001 certification standard.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Amazon Web Services incident response program, plans and procedures have been developed in alignment with ISO 27001 standard. The AWS SOC 1 Type II report provides details on the specific control activities executed by AWS.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£231.88 per licence per year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full version for 30 days
Link to free trial
https://go.ivanti.com/Web-FreeTrial-Service-Manager.html

Service documents

Return to top ↑